fix(codex): default plugin destructive actions on (#80792)

2026-05-18 21:34:46 +00:00 · 2026-05-11 16:50:15 -07:00
parent edd200d517
commit 8954c03231
14 changed files with 54 additions and 24 deletions
--- a/docs/plugins/codex-native-plugins.md
+++ b/docs/plugins/codex-native-plugins.md
@@ -58,7 +58,7 @@ config looks like this:
        config: {
          codexPlugins: {
            enabled: true,
-            allow_destructive_actions: false,
+            allow_destructive_actions: true,
            plugins: {
              "google-calendar": {
                enabled: true,
@@ -143,9 +143,10 @@ controlled by each app's `destructive_enabled` policy.

 ## Destructive action policy

-Destructive plugin elicitations fail closed by default:
+Destructive plugin elicitations are allowed by default for migrated Codex
+plugins, while unsafe schemas and ambiguous ownership still fail closed:

- Global `allow_destructive_actions` defaults to `false`.
+- Global `allow_destructive_actions` defaults to `true`.
 - Per-plugin `allow_destructive_actions` overrides the global policy for that
  plugin.
 - When policy is `false`, OpenClaw returns a deterministic decline.